Class AuthenticationExtensionsClientInputs

Namespace: DSInternals.Win32.WebAuthn
Assembly: DSInternals.Win32.WebAuthn.dll

Contains WebAuthn extensions that are actually supported by Windows 10. These are currently defined in the CTAP 2.1 Draft.

public class AuthenticationExtensionsClientInputs

Inheritance

object ← AuthenticationExtensionsClientInputs

Inherited Members

object.Equals(object?), object.Equals(object?, object?), object.GetHashCode(), object.GetType(), object.MemberwiseClone(), object.ReferenceEquals(object?, object?), object.ToString()

Properties

AppID

This extension allows WebAuthn Relying Parties that have previously registered a credential using the legacy FIDO JavaScript APIs to request an assertion.

[JsonPropertyName("appid")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
public string AppID { get; set; }

Property Value

string

CredProtect

This extension indicates that the authenticator supports enhanced protection mode for the credentials created on the authenticator. If present, verify that the credentialProtectionPolicy value is one of the following values: userVerificationOptional, userVerificationOptionalWithCredentialIDList, userVerificationRequired.

[JsonPropertyName("credentialProtectionPolicy")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
public UserVerification CredProtect { get; set; }

Property Value

UserVerification

CredentialBlob

[JsonPropertyName("credBlob")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
public byte[] CredentialBlob { get; set; }

Property Value

byte[]

EnforceCredProtect

Controls whether it is better to fail to create a credential rather than ignore the protection policy. When enforceCredentialProtectionPolicy is true, and credentialProtectionPolicy is either userVerificationOptionalWithCredentialIDList or userVerificationRequired, the platform SHOULD NOT create the credential in a way that does not implement the requested protection policy.

[JsonPropertyName("enforceCredentialProtectionPolicy")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
public bool EnforceCredProtect { get; set; }

Property Value

bool

GetCredentialBlob

[JsonPropertyName("getCredBlob")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
public bool GetCredentialBlob { get; set; }

Property Value

bool

HmacCreateSecret

This extension is used by the platform to retrieve a symmetric secret from the authenticator when it needs to encrypt or decrypt data using that symmetric secret. This symmetric secret is scoped to a credential. The authenticator and the platform each hold only part of the complete secret, which prevents offline attacks. This extension can be used to maintain different secrets on different machines.

[JsonPropertyName("hmacCreateSecret")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
public bool HmacCreateSecret { get; set; }

Property Value

bool

HmacGetSecret

[JsonPropertyName("hmacGetSecret")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
public HMACGetSecretInput HmacGetSecret { get; set; }

Property Value

HMACGetSecretInput
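
The split-secret design described under HmacCreateSecret, as an added C# example that is not part of DSInternals: it models the CTAP hmac-secret evaluation, output = HMAC-SHA-256(CredRandom, salt), using only .NET 6+ base class library calls. The class name, method names and machine labels are hypothetical, and the encrypted transport of the salt between platform and authenticator is left out.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical demo class; it does not call DSInternals.Win32.WebAuthn or a real authenticator.
public static class HmacSecretDemo
{
    // Authenticator half: a 32-byte CredRandom generated with the credential.
    // On a real device this value never leaves the authenticator.
    public static byte[] NewCredRandom() => RandomNumberGenerator.GetBytes(32);

    // Platform half: a 32-byte salt. Hashing a per-machine label is an
    // assumption of this sketch; any 32-byte value the platform stores works.
    public static byte[] SaltFor(string machineLabel) =>
        SHA256.HashData(Encoding.UTF8.GetBytes(machineLabel));

    // What the authenticator returns for a salt: HMAC-SHA-256(CredRandom, salt).
    public static byte[] Evaluate(byte[] credRandom, byte[] salt)
    {
        if (credRandom.Length != 32 || salt.Length != 32)
            throw new ArgumentException("CredRandom and salt must both be 32 bytes.");
        return HMACSHA256.HashData(credRandom, salt);
    }

    public static void Main()
    {
        byte[] credRandom = NewCredRandom();      // bound to one credential
        byte[] saltA = SaltFor("laptop-A");       // constructed sample labels
        byte[] saltB = SaltFor("laptop-B");

        byte[] keyA1 = Evaluate(credRandom, saltA);
        byte[] keyA2 = Evaluate(credRandom, saltA);
        byte[] keyB = Evaluate(credRandom, saltB);
        byte[] otherCredential = Evaluate(NewCredRandom(), saltA);

        // Same credential and same salt: the secret is reproducible on that machine.
        Console.WriteLine($"stable per machine:      {CryptographicOperations.FixedTimeEquals(keyA1, keyA2)}");
        // Same credential, different salt: each machine gets its own secret.
        Console.WriteLine($"differs across machines: {!CryptographicOperations.FixedTimeEquals(keyA1, keyB)}");
        // Same salt, different credential: a stolen salt is useless without the device.
        Console.WriteLine($"scoped to credential:    {!CryptographicOperations.FixedTimeEquals(keyA1, otherCredential)}");
        Console.WriteLine($"secret length in bytes:  {keyA1.Length}");
    }
}
```

A disk image that contains only the salt, or an authenticator without the matching salt, cannot reproduce the 32-byte secret, which is the offline-attack property the description refers to.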

MinimumPinLength

This extension returns the current minimum PIN length value. This value does not decrease unless the authenticator is reset, in which case, all the credentials are reset. This extension is only applicable during credential creation.

[JsonPropertyName("minPinLength")]
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
public bool MinimumPinLength { get; set; }

Property Value

bool